To verify that it’s running, first let’s find out to which port the container’s port 5000 is mapped. Run docker ps and look for a line containing something like 127.0.0.1:32774->5000/tcp. In this case, the port is 32774.

Run curl http://localhost:32774/v2/ (where 32774 is the port you saw on docker ps). The Docker registry will return {}.

Obtaining a SSL certificate

If you already have a SSL certificate for your domain, skip this step.

Otherwise, you’ll need to generate a certificate request. An easy way to do so is to head over to DigiCert’s OpenSSL CSR Wizard and fill in the form.

Click ‘Generate’ and paste the openssl req... command from the wizard onto your shell. You’ll get a <domain>.csr file that you’ll have to send to your SSL provider to obtain the certificate. I bought mine off SSLs.com for $3.88 (only 1 year). You’ll also get a <domain>.key. We’ll use both files later.

If you used a cheap provider you’ll receive a bunch of certificates, which you’ll need to concatenate into a bundle. In the case of a Comodo certificate, you’d have to do so as follows (the order matters!):

If there’s been any problem you can check the logs of either service by running fleetctl journal nginx or fleetctl journal registry.

If fleet fails to start, make sure that fleet and etcd are running:

$ sudo systemctl start etcd
$ sudo systemctl start fleet

Data storage

Note that although we are using Docker’s bind mount option (-v) to store the registry, certificates, and configuration data on the local host, the proper way to do this would be to use data volume containers. However, if you are running a single server this simple way will work fine.